<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xmlns="http://www.w3.org/1999/xhtml"><head><title>R: Cybersecurity breaches reported to the US Department of...</title>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<link rel="stylesheet" type="text/css" href="R.css" />
</head><body>

<table width="100%" summary="page for HHSCyberSecurityBreaches"><tr><td>HHSCyberSecurityBreaches</td><td style="text-align: right;">R Documentation</td></tr></table>

<h2>
Cybersecurity breaches reported to the US Department 
of Health and Human Services 
</h2>

<h3>Description</h3>

<p>Since October 2009 organizations in the U.S. that store data 
on human health are required to report any incident that 
compromises the confidentiality of 500 or more patients 
/ human subjects (<a href="http://www.hhs.gov/ocr/privacy/hipaa/administrative/breachnotificationrule/brinstruction.html">45 C.F.R. 164.408</a>)  These reports are publicly available.  <code>HHSCyberSecurityBreaches</code> was downloaded from <a href="https://ocrportal.hhs.gov/ocr/breach/breach_report.jsf">the Office for Civil Rights of the U.S. Department of Health and Human Services, 2015-02-26</a>
</p>


<h3>Usage</h3>

<pre>data(HHSCyberSecurityBreaches)</pre>


<h3>Format</h3>

<p>A dataframe containing 1151 observations of 9 variables:
</p>

<dl>
<dt>Name.of.Covered.Entity</dt><dd>
<p>A <code>character</code> vector identifying the 
organization involved in the breach.  
</p>
</dd>
<dt>State</dt><dd>
<p>A <code>factor</code> giving the two-letter abbreviation of 
the US state or territory where the breach occurred.  
This has 52 levels for the 50 states plus the District 
of Columbia (DC) and Puerto Rico (PR).   
</p>
</dd>
<dt>Covered.Entity.Type</dt><dd>
<p>A <code>factor</code> giving the organization type of the 
covered entity with levels &quot;Business Associate&quot;, 
&quot;Health Plan&quot;, &quot;Healthcare Clearing House&quot;, and 
&quot;Healthcare Provider&quot; 
</p>
</dd>
<dt>Individuals.Affected</dt><dd>
<p>An <code>integer</code> giving the number of humans whose 
records were compromised in the breach.  This is 500 
or greater; U.S. law requires reports of breaches 
involving 500 or more records but not of breaches 
involving fewer.      
</p>
</dd>
<dt>Breach.Submission.Date</dt><dd>
<p>Date when the breach was reported.  
</p>
</dd>
<dt>Type.of.Breach</dt><dd>
<p>A <code>factor</code> giving one of 29 different 
combinations of 7 different breach types, 
separated by &quot;, &quot;:  &quot;Hacking/IT Incident&quot;, 
&quot;Improper Disposal&quot;, &quot;Loss&quot;, &quot;Other&quot;, &quot;Theft&quot;, 
&quot;Unauthorized Access/Disclosure&quot;, and &quot;Unknown&quot;
</p>
</dd>
<dt>Location.of.Breached.Information</dt><dd> 
<p>A <code>factor</code> giving one of 47 different 
combinations of 8 different location categories:  
&quot;Desktop Computer&quot;, &quot;Electronic Medical Record&quot;, 
&quot;Email&quot;, &quot;Laptop&quot;, &quot;Network Server&quot;, &quot;Other&quot;, 
&quot;Other Portable Electronic Device&quot;, &quot;Paper/Films&quot;
</p>
</dd>
<dt>Business.Associate.Present</dt><dd>
<p><code>Logical</code> = (Covered.Entity.Type == 
&quot;Business Associate&quot;)
</p>
</dd>
<dt>Web.Description</dt><dd>
<p>A character vector giving a narrative description of 
the incident.  
</p>
</dd>
</dl>



<h3>Details</h3>

<p>This contains the breach report data downloaded 
2015-02-26 from the US Health and Human Services.  This 
catalogues reports starting 2009-10-21.  Earlier downloads 
included a few breaches prior to 2009 when the law was 
enacted (inconsistently reported), and a date for breach 
occurrence in addition to the date of the report.  
</p>
<p>The following corrections were made to the file:
* UCLA Health System,  breach date 11/4/2011, had cover entity added as &quot;Healthcare Provider&quot;
* Wyoming Department of Health, breach date 3/2/2010 had breach type changed to &quot;Unauthorized Access / Disclosure&quot;
* Computer Program and Systems, Inc. (CPSI), breach date 3/30/2010 had breach type changed to &quot;Unauthorized Access / Disclosure&quot;  
* Aetna, breach date 7/27/2010 had breach type changed to &quot;Improper Disposal' (see explanation below), breach date 5/24/2010 name changed to City of Charlotte, NC (Health Plan) and state changed to NC
* Mercer, breach date 7/30/2010 state changed to MI
* Not applicable, breach date 11/2/2011 name changed to Northridge Hospital Medical Center and state changed to CA
* na, breach date  4/4/2011 name changed to Brian J Daniels DDS, Paul R Daniels DDS and state changed to AZ
* NA, breach date  5/27/2011 name changed to and  Spartanburg Regional Healthcare System state changed to SC
* NA, breach date 7/4/2011 name changed to Yanz Dental Corporation and state changed to CA
</p>


<h3>Source</h3>

<p><a href="https://ocrportal.hhs.gov/ocr/breach/breach_report.jsf">&quot;Breaches Affecting 500 or More Individuals&quot; downloaded from the Office for Civil Rights of the U.S. Department of Health and Human Services, 2015-02-26</a>
</p>


<h3>See Also</h3>

<p><code>breaches</code> for an earlier download of these 
data.  The exact reporting requirements and even the number 
and definitions of variables included in the 
<code>data.frame</code> have changed.  
</p>


<h3>Examples</h3>

<pre>
##
## 1.  mean(Individuals.Affected)
##
mean(HHSCyberSecurityBreaches$Individuals.Affected)
##
## 2.  Basic Breach Types
##
tb &lt;- as.character(HHSCyberSecurityBreaches$Type.of.Breach)
tb. &lt;- strsplit(tb, ', ')
table(unlist(tb.))
# 8 levels, but two are the same apart from 
# a trailing blank.  
##
## 3.  Location.of.Breached.Information 
##
lb &lt;- as.character(HHSCyberSecurityBreaches[[
          'Location.of.Breached.Information']])
table(lb)
lb. &lt;- strsplit(lb, ', ')
table(unlist(lb.))
# 8 levels 
table(sapply(lb., length))
#   1    2    3    4    5    6    7    8 
#1007  119   13    8    1    1    1    1 
# all 8 levels together observed once 
# There are 256 = 2^8 possible combinations 
# of which 47 actually occur in these data.  
</pre>


</body></html>
